HoneyNetCloud Investigation Model, A Preventive Process Model for IoT Forensics

With the pervasive usage of sensing systems and IoT things, the importance of security has increased. Attempts towards breaching IoT security systems by attackers are on upsurge. Many intrusions in embedded systems, sensing equipment and IoT things have occurred in the past. Though there are cyber security tools like Antivirus, Intrusion detection and prevention systems available for securing the digital devices and its networks. However, a forensic methodology to be followed for the analysis and investigation to detect origin cause of network incidents is lacking. This paper derives a comprehensive preventive cyber forensic process model with honeypots for the digital IoT investigation process which is formal, that can assist in the court of law in defining the reliability of the investigative process. One year data of various attacks to the IoT network has been recorded by the honeypots for this study. The newly derived model HIM has been validated using various methods and instead of converging on a particular aspect of investigation, it details the entire lifecycle of IoT forensic investigation. The model is targeted to address the forensic analysts’ requirements and the need of legal fraternity for a forensic model. The process model follows a preventive method which reduce further attacks on network.

Download Full-text

Cyber Security Systems and Prospects: Focusing on the US, UK, Japan, and South Korea

The Journal of Internet Electronic Commerce Resarch ◽

10.37272/jiecr.2020.10.20.5.141 ◽

2020 ◽

Vol 20 (5) ◽

pp. 141-161

Author(s):

HyunMin Shin ◽

Injai Kim

Keyword(s):

South Korea ◽

Cyber Security ◽

Security Systems ◽

The Us

Download Full-text

Fast Tracks and Inner Journeys: Crafting Portable Selves for Contemporary Careers

Administrative Science Quarterly ◽

10.1177/0001839217720930 ◽

2017 ◽

Vol 63 (3) ◽

pp. 479-525 ◽

Cited By ~ 24

Author(s):

Gianpiero Petriglieri ◽

Jennifer Louise Petriglieri ◽

Jack Denfeld Wood

Keyword(s):

Process Model ◽

Cultural Influence ◽

Business Administration ◽

The Self ◽

The Other ◽

Self In Relation ◽

Working Lives ◽

One Year ◽

Mobile Working ◽

Over Time

Through a longitudinal, qualitative study of 55 managers engaged in mobile careers across organizations, industries, and countries, and pursuing a one-year international master’s of business administration (MBA), we build a process model of the crafting of portable selves in temporary identity workspaces. Our findings reveal that contemporary careers in general, and temporary membership in an institution, fuel people’s efforts to craft portable selves: selves endowed with definitions, motives, and abilities that can be deployed across roles and organizations over time. Two pathways for crafting a portable self—one adaptive, the other exploratory—emerged from the interaction of individuals’ aims and concerns with institutional resources and demands. Each pathway involved developing a coherent understanding of the self in relation to others and to the institution that anchored participants to their current organization while preparing them for future ones. The study shows how institutions that host members temporarily can help them craft selves that afford a sense of agentic direction and enduring connection, tempering anxieties and bolstering hopes associated with mobile working lives. It also suggests that institutions serving as identity workspaces for portable selves may remain attractive and extend their cultural influence in an age of workforce mobility.

Download Full-text

Cyber-Physical Industrial Control System Testbed: A Cyber-Security Solution

University of the Future: Re-Imagining Research and Higher Education ◽

10.29117/quarfe.2020.0233 ◽

2020 ◽

Author(s):

Mohammad Nourizadeh ◽

Mohammad Shakerpour ◽

Nader Meskin ◽

Devrim Unal

Keyword(s):

Cyber Security ◽

Process Model ◽

Degrees Of Freedom ◽

Industrial Process ◽

Environmental Safety ◽

Open Loop ◽

Industrial Control ◽

Systems Research ◽

Process Plant ◽

Real Risk

In this project, the hybrid testbed architecture is selected for the development of ICS testbed where the Tennessee Eastman (TE) plant is simulated inside PC and the remaining components are implemented using real industrial hardware. TE plant is selected as the industrial process for the developed cybersecur ity testbed due to the following reasons. First, the TE modTheel is a wellknown chemical process plant used in control systems research and it dynamics is well understood. Second, it should be properly cont rolled otherwise small disturbance will drive the system toward an unsafe and unstable operat ion. The inherent unstable open-loop property of the TE process model presents a real-world scenario in which a cyberattack could represent a real risk to human safety, environmental safety, and economic viability. Third, the process is complex, coupled and nonlinear, and has many degrees of freedom by which to control and perturb the dynamics of the process.

Download Full-text

VOCATIONAL SCHOOL LABORATORY ON THE BASIS OF CYBER SECURITY IN THE FIELD OF THE INTERNET OF THINGS (IOT)

Вестник ГГНТУ. Гуманитарные и социально-экономические науки ◽

10.34708/gstou.2019.18.4.018 ◽

2019 ◽

Author(s):

Э.Д. Алисултанова ◽

Л.К. Хаджиева ◽

М.З. Исаева

Keyword(s):

Internet Of Things ◽

Cyber Security ◽

Legal Aspects ◽

Smart Manufacturing ◽

The Internet ◽

Iot Security ◽

Career Opportunities ◽

School Laboratory ◽

Basic Ideas ◽

The Internet Of Things

Данная статья посвящена созданию профориентационной (умной) лаборатории, которая призвана сформировать у школьников базовые представления о технологии Интернет вещей (IoT), угрозах кибербезопасности в этой сфере, мотивировать к получению в будущем профильного образования и построению карьеры в области обеспечения безопасности Интернет вещей (IoT) при функционировании умного производства. Обучение школьников в профориентационной лаборатории, построенное на основе применения интерактивных электронных образовательных ресурсов, прежде всего будет позиционировать карьерные возможности будущих специалистов в сфере обеспечения безопасности Интернет вещей (IoT) при функционировании умного производства. В рамках функционирования лаборатории особое внимание обучающихся сконцентрировано на тематиках правовых аспектов обеспечения кибербезопасности, главных тенденциях развития киберугроз в современном глобальном информационном пространстве и мерах, необходимых для их нейтрализации. This article is devoted to the creation of a career-oriented (smart) laboratory, which is designed to formulate in schoolchildren basic ideas about the Internet of Things (IoT) technology, cyber security threats in this area, motivate to receive specialized education in the future and build a career in the field of Internet things (IoT) security) with the functioning of smart manufacturing. The training of schoolchildren in a vocational guidance laboratory, based on the use of interactive electronic educational resources, will primarily position the career opportunities of future specialists in the field of Internet of Things (IoT) security in the operation of smart manufacturing. Within the framework of the functioning of the laboratory, special attention of students is concentrated on the topics of the legal aspects of ensuring cyber security, the main trends in the development of cyber threats in the modern global information space and the measures necessary to neutralize them.

Download Full-text

Improving the Security of Storage Systems

Cyber Law, Privacy, and Security ◽

10.4018/978-1-5225-8897-9.ch038 ◽

2019 ◽

pp. 796-829

Author(s):

Wasan Awad ◽

Hanin Mohammed Abdullah

Keyword(s):

Cyber Security ◽

Storage Systems ◽

Assessment Model ◽

Security Threats ◽

Risk Matrix ◽

Security Risks ◽

Security Systems ◽

Security Vulnerabilities ◽

File Storage ◽

Local Storage

Developing security systems to protect the storage systems are needed. The main objective of this paper is to study the security of file storage server of an organization. Different kinds of security threats and a number of security techniques used to protect information will be examined. Thus, in this paper, an assessment plan for evaluating cyber security of local storage systems in organizations is proposed. The assessment model is based on the idea of cyber security domains and risk matrix. The proposed assessment model has been implemented on two prestigious and important organizations in the Kingdom of Bahrain. Storage systems of the assessed organizations found to have cyber security risks of different scales. This conclusion gives certainty to the fact that organizations are not capable of following the cyber security evolution and secure their storage systems from cyber security vulnerabilities and breaches. Organizations with local storage systems can improve the cyber security of their storage systems by applying certain techniques.

Download Full-text

Artificial Intelligence-Based Solutions for Cyber Security Problems

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Artificial Intelligence Paradigms for Smart Cyber-Physical Systems ◽

10.4018/978-1-7998-5101-1.ch004 ◽

2021 ◽

pp. 68-86

Author(s):

Merve Yildirim

Keyword(s):

Artificial Intelligence ◽

Cyber Security ◽

Cyber Attacks ◽

Network Systems ◽

Security Systems ◽

Artificial Intelligence Techniques ◽

Security Issues ◽

Security Applications ◽

Cyber Threats ◽

Legal Risks

Due to its nature, cyber security is one of the fields that can benefit most from the techniques of artificial intelligence (AI). Under normal circumstances, it is difficult to write software to defend against cyber-attacks that are constantly developing and strengthening in network systems. By applying artificial intelligence techniques, software that can detect attacks and take precautions can be developed. In cases where traditional security systems are inadequate and slow, security applications developed with artificial intelligence techniques can provide better security against many complex cyber threats. Apart from being a good solution for cyber security problems, it also brings usage problems, legal risks, and concerns. This study focuses on how AI can help solve cyber security issues while discussing artificial intelligence threats and risks. This study also aims to present several AI-based techniques and to explain what these techniques can provide to solve problems in the field of cyber security.

Download Full-text

Multifractal Singularity Spectrum for Cognitive Cyber Defence in Internet Time Series

International Journal of Software Science and Computational Intelligence ◽

10.4018/ijssci.2015070102 ◽

2015 ◽

Vol 7 (3) ◽

pp. 17-45 ◽

Cited By ~ 6

Author(s):

Muhammad Salman Khan ◽

Ken Ferens ◽

Witold Kinsner

Keyword(s):

Time Series ◽

Cloud Computing ◽

Cyber Security ◽

Intrusion Detection Systems ◽

Financial Fraud ◽

The Internet ◽

Singularity Spectrum ◽

Security Systems ◽

Detection Systems ◽

Computing Platforms

Growing global dependence over cyberspace has given rise to intelligent malicious threats due to increasing network complexities, inherent vulnerabilities embedded within the software and the limitations of existing cyber security systems to name a few. Malicious cyber actors exploit these vulnerabilities to carry out financial fraud, steal intellectual property and disrupt the delivery of essential online services. Unlike physical security, cyberspace is very difficult to secure due to the replacement of traditional computing platforms with sophisticated cloud computing and virtualization. These complex systems exhibit an increasing degree of complexity in tracking an attack or monitoring possible threats which is becoming intractable with the existing security firewalls and intrusion detection systems. In this paper, authors present a novel complexity detection technique using generalized multifractal singularity spectrum which is able to not only capture the growing complexity of the internet time series but also distinguishes the presence of an attack accurately.

Download Full-text

The Effectiveness of Cyber Security Frameworks in Combating Terrorism in Zimbabwe

International Journal of Cyber Research and Education ◽

10.4018/ijcre.2020010101 ◽

2020 ◽

Vol 2 (1) ◽

pp. 1-16

Author(s):

Jeffrey Kurebwa ◽

Eunice Magumise

Keyword(s):

Cyber Security ◽

Qualitative Methodology ◽

Case Study Research ◽

Capital City ◽

Security Threats ◽

Cyber Terrorism ◽

African Countries ◽

Security Systems ◽

Media Reports

This study investigated the effectiveness of Zimbabwe's cyber security frameworks in combating terrorism. Media reports and scholarly evidence have constantly shown that cybercrime has led to loss of life, money, security, damage to property. There is a lot of concern among citizens of African countries such as Zimbabwe, Kenya, and Nigeria that their governments are not equipped with effective cyber security systems to combat these cyber threats. It is on the basis of these concerns that this study was carried out with the hope of helping to close policy and knowledge gaps affecting the effectiveness of the cyber security frameworks of Zimbabwe. The study used qualitative methodology and a case study research design was utilised. The study was conducted in Harare the capital city of Zimbabwe. Key informant interviews and documentary search were used to collect data. Among the findings of the study were that cyber fraud and theft are some of the significant cyber security threats in Zimbabwe; that Zimbabwe lacks established legislation and other regulatory institutions for cyber-security. Among the recommendations are; that the Ministry of Justice, Legal and Parliamentary Affairs enacts cyber security laws in Zimbabwe to combat cyber terrorism.

Download Full-text

A GENERIC DATABASE FORENSIC INVESTIGATION PROCESS MODEL

Jurnal Teknologi ◽

10.11113/jt.v78.9190 ◽

2016 ◽

Vol 78 (6-11) ◽

Cited By ~ 5

Author(s):

Arafat Al-Dhaqm ◽

Shukor Abd Razak ◽

Siti Hajar Othman ◽

Asri Nagdi ◽

Abdulalem Ali

Keyword(s):

Research Methodology ◽

Process Model ◽

Design Science ◽

Science Research ◽

Design Science Research ◽

Database Systems ◽

Research Area ◽

Forensic Investigation ◽

Fast Growing ◽

Investigation Process

Database Forensic investigation is a domain which deals with database contents and their metadata to reveal malicious activities on database systems. Even though it is still new, but due to the overwhelming challenges and issues in the domain, this makes database forensic become a fast growing and much sought after research area. Based on observations made, we found that database forensic suffers from having a common standard which could unify knowledge of the domain. Therefore, through this paper, we present the use of Design Science Research (DSR) as a research methodology to develop a Generic Database Forensic Investigation Process Model (DBFIPM). From the creation of DBFIPM, five common forensic investigation processes have been proposed namely, the i) identification, ii) collection, iii) preservation, iv) analysis and v) presentation process. From the DBFIPM, it allows the reconciliation of concepts and terminologies of all common databases forensic investigation processes. Thus, this will potentially facilitate the sharing of knowledge on database forensic investigation among domain stakeholders.

Download Full-text

Application of the JDL data fusion process model for cyber security

10.1117/12.850275 ◽

2010 ◽

Cited By ~ 14

Author(s):

Nicklaus A. Giacobe

Keyword(s):

Data Fusion ◽

Cyber Security ◽

Process Model ◽

Fusion Process

Download Full-text